//package com.chenailin.www.filter;
//
//import com.chenailin.www.model.vo.ResultVO;
//import com.chenailin.www.util.JsonUtil;
//
//import javax.servlet.*;
//import javax.servlet.annotation.WebFilter;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import javax.servlet.http.HttpSession;
//import java.io.IOException;
//import java.util.Arrays;
//import java.util.List;
//
///**
// * Authentication filter to protect routes that require authentication
// * @author evi
// */
//@WebFilter("/*")
//public class AuthenticationFilter implements Filter {
//
//    // List of paths that don't require authentication
//    private static final List<String> PUBLIC_PATHS = Arrays.asList(
//            "/login",
//            "/register",
//            "/check-auth",
//            "/knowledge/list/public",
//            // For getting public knowledge base details, more granular check in controller
//            "/knowledge/",
//            // For getting public articles, more granular check in controller
//            "/article/"
//    );
//
//    @Override
//    public void init(FilterConfig filterConfig) throws ServletException {
//        // Initialization logic if needed
//    }
//
//    @Override
//    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
//            throws IOException, ServletException {
//        HttpServletRequest httpRequest = (HttpServletRequest) request;
//        HttpServletResponse httpResponse = (HttpServletResponse) response;
//
//        // Set common headers
//        httpResponse.setHeader("Access-Control-Allow-Origin", "*");
//        httpResponse.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
//        httpResponse.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
//        httpResponse.setHeader("Access-Control-Max-Age", "3600");
//
//        // Handle preflight requests
//        if (httpRequest.getMethod().equals("OPTIONS")) {
//            httpResponse.setStatus(HttpServletResponse.SC_OK);
//            return;
//        }
//
//        // Get the request path
//        String path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length());
//
//        // Check if the path is public
//        boolean isPublicPath = PUBLIC_PATHS.stream()
//                .anyMatch(publicPath -> {
//                    if (publicPath.endsWith("/")) {
//                        return path.startsWith(publicPath);
//                    } else {
//                        return path.equals(publicPath);
//                    }
//                });
//
//        if (isPublicPath) {
//            // Public path, proceed without authentication check
//            chain.doFilter(request, response);
//            return;
//        }
//
//        // Check if user is authenticated
//        HttpSession session = httpRequest.getSession(false);
//        if (session != null && session.getAttribute("userId") != null) {
//            // User is authenticated, proceed
//            chain.doFilter(request, response);
//        } else {
//            // User is not authenticated, return 401 Unauthorized
//            httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
//            httpResponse.setContentType("application/json;charset=UTF-8");
//            httpResponse.getWriter().write(JsonUtil.toJson(ResultVO.error(401, "Authentication required")));
//        }
//    }
//
//    @Override
//    public void destroy() {
//        // Cleanup logic if needed
//    }
//}